<?php
/*
+--------------------------------------------------------------------------
|   phpBIZ v3.0  full version
|   ========================================
|   by pianyao@wjl.cn 
|   http://www.phpbiz.cn http://www.wjl.cn
|	all rights reserved
|   +---------------------------------------------------------------------------
|
|   > 完成日期 
|
+--------------------------------------------------------------------------
*/
!class_exists('Debug') && exit('Forbidden');
$p = new attachpic;

class attachpic
{
	var $upload_dir;
	var $seller_data;
	var $g_id;

	function attachpic()
	{
		global $BIZ,$INCOME,$CONF,$DB,$_LEVEL;
		$this -> upload_dir = stripslashes($CONF['upload_dir']);
		$this -> g_id = intval($INCOME['GOODS_ID']);
		$this -> seller_data = new manager($BIZ->seller['seller_id']);

		//---------------------------------------
		// Kill globals - globals bad, Homer good.
		//---------------------------------------
		
		$tmp_in = array_merge( $_GET, $_POST, $_COOKIE );
		
		foreach ( $tmp_in as $k => $v )
		{
			unset($$k);
		}

    	//--------------------------------------------
    	// Check viewing permissions, etc
		//--------------------------------------------
						
		if ( empty($BIZ->seller['seller_id']) or $BIZ->seller['seller_id'] == "" or $BIZ->seller['seller_id'] == 0 )
		{
			$BIZ->error( "用户没有登陆，不能使用此功能","?act=Login&code=00" );
		}
		$DB->db_query("SELECT seller_id FROM biz_goods WHERE goods_id=$this->g_id");
		$re=$DB->db_fetch_row();
		if ($BIZ->seller['seller_id'] != $re[0])
		{
			$BIZ->error("您不是该商品所有者，无权操作","?act=Login&code=00");
		}
	    if( $BIZ->seller['seller_check_status']=='uncheck' )
		{
			$this ->  seller_data-> control_panel("nocharge");
		}elseif( ($data=$this -> seller_data->get_seller_data("end_time,property_id"))&& $data['end_time']<time()&&$_LEVEL[$data['property_id']][1]>0 )
		{
			$this ->  seller_data-> control_panel("due");
		}else
		{
			$BIZ-> nav_link[] =array ("商家控制台","?act=Seller");
			$BIZ -> assign('code',$INCOME['code']);
						
			switch($INCOME['code'])
			{
				case '00':		//list all attach pictures
					$this -> list_attpic();
					break;
				case '01':		//delete all selected pictures
					$this -> del_attpic();
					break;
				case '02':
					$this -> upload_attpic();				
				default:
					$BIZ-> nav_link[] = array("副图管理","");
					$this -> list_attpic();
			}
		}
		$BIZ -> output('pics.tpl');
	}
	
	function list_attpic()
	{	//00
		global $DB,$BIZ;
		$DB -> db_query("SELECT `pic_allow`,`pic_total` FROM `biz_seller_data` WHERE `seller_id`=".$BIZ->seller['seller_id'] );
		$pd=$DB -> db_fetch_row();
		$pic_data_info=array($pd['pic_allow'],$pd['pic_total'],$pd['pic_allow']-$pd['pic_total']);
		$DB -> db_query("SELECT `pic_id`,`pic_name` FROM `biz_pic_attach` WHERE `pic_goods_id`='{$this->g_id}'");
		while($p_re=$DB -> db_fetch_row())
		{	
			$pics[]=array($BIZ->get_thumb($p_re['pic_name']),intval($p_re['pic_id']));
		}
		$BIZ -> assign('pic_data_info',$pic_data_info);
		$BIZ -> assign('pic_info',$pics);
	}
	
	function del_attpic()
	{	//01
		global $DB,$INCOME,$BIZ,$CONF;
		$delid=$INCOME['del_item'];
		
		if(count($delid)==0) 			
			echo "<script language=javascript>alert('您未选中任何图片！');location='javascript:history.go(-1);';</script>";

		/* check auth user action*/
		$delid_str= implode(",",$delid);
		$DB -> db_query( "SELECT DISTINCT bs.seller_id FROM biz_seller bs,biz_goods bg ,biz_pic_attach bpa WHERE bs.seller_id=bg.seller_id AND bg.goods_id=bpa.pic_goods_id AND bpa.pic_id IN(".$delid_str.")");
		$rs = $DB -> db_fetch_row();
		if( $rs['seller_id'] != $BIZ->seller['seller_id'] || $rs['seller_id']=='' || empty($rs['seller_id']) )
			$BIZ -> error("你没有删除图片的权限！");
		/*end check auth user action*/
		$link=$DB -> db_query( "SELECT pic_name, pic_id FROM biz_pic_attach WHERE pic_goods_id ='".$this->g_id."'");
		
		while($rs = $DB -> db_fetch_row($link))
		{
			$pid=$rs['pic_id'];
			if(in_array($pid,$delid))
			{
				$cache[]=$rs['pic_name'];
				$thumb_cache[]=$CONF['thumb_prefix'].$rs['pic_name'];		
				$DB->db_query("DELETE FROM biz_pic_attach WHERE pic_id=$pid");
			}
		}
		$BIZ->unlink_pic($cache);
		$BIZ->unlink_pic($thumb_cache,1);
		$DB -> db_query( "UPDATE `biz_seller_data` SET pic_total=pic_total-".count($cache)." WHERE seller_id=".$BIZ->seller['seller_id'] );
		$BIZ ->redirect_screen("恭喜！您已经成功删除选定图片","?act=attpic&GOODS_ID=".$this->g_id);
	}
	function upload_attpic()
	{	//02
		global $BIZ,$INCOME,$DB,$CONF;

		/* check it*/
		$DB -> db_query("SELECT `pic_allow`,`pic_total` FROM `biz_seller_data` WHERE `seller_id`=".$BIZ->seller['seller_id'] );
		$pd=$DB -> db_fetch_row();
		if($pd['pic_total']>=$pd['pic_allow'])
			$BIZ -> error("您已经超过允许上传的最大图片个数，请[<a href='index.php?act=User&code=buypic'>购买</a>]更多图片位置。");	

		$pic_id = 1;  /*default picture*/
	    if($_FILES['up_pic']['name'])	
		{    
			 $prefix='bip_g'.time().mt_rand(1,99999);   // 'g' stands for good
			 $f_upload = new upload_file($prefix,$this -> upload_dir);          
             $f_upload->set_file_name_size($_FILES['up_pic']['name'],$_FILES['up_pic']['size']); 
             $f_upload->set_upfile($_FILES['up_pic']['tmp_name']);  
			 $file_name = $f_upload->do_save();
		
			 $DB -> db_query( "INSERT INTO `biz_pic_attach`"."(`pic_name`,`pic_goods_id` ".") VALUES ( '{$file_name}','{$this->g_id}')" );
			 //$pic_id = $DB -> db_insert_id();
			 $DB -> db_query( "UPDATE `biz_seller_data` SET pic_total=pic_total+1 WHERE seller_id=".$BIZ->seller['seller_id'] );
			 $BIZ ->redirect_screen("恭喜！您已经成功添加了一张副图","?act=attpic&GOODS_ID=".$this->g_id);
		}
		
	}

	function do_buy_pic()
	{
		global $BIZ,$DB,$feedb,$INCOME;

		$money = $feedb['pic_num']*intval($INCOME['buy_num']);
		$res = $this -> seller_data ->consume($money);
		if(  $res<0 ) $BIZ -> error("提示：您的可用消费金额已不足！你还差{$res}点");
		$this -> seller_data -> consume_log($money,"购买副图位",$BIZ ->seller[seller_id]);

		$DB -> db_query("UPDATE `biz_seller_data` SET pic_allow=pic_allow+".intval($INCOME['buy_num'])." WHERE seller_id=".$BIZ->seller['seller_id']);

		$BIZ ->redirect_screen("恭喜！您已经成功地购买了图片位。共消费{$money}点","?act=attpic&GOODS_ID={$this->g_id}");

	}
}
?>